CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Internet2 3Opensaml Shibboleth SpXmltoolingApr 23, 2026 Sep 29, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2....Show more |
1Internet2 3Opensaml Shibboleth SpXmltoolingApr 23, 2026 Sep 29, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 OpenSAML 2.x before 2.2.1 and XMLTooling 1.x before 1.2.1, as used by Internet2 Shibboleth Service Provider 2.x before 2.2.1, do not follow the KeyDescriptor element's Use attribute, which allows remote attackers to use...Show more |